﻿<?php

// Resume (or start) the session; the login gate further down reads $_SESSION["username"].
// NOTE(review): this file appears to begin with a UTF-8 byte-order mark ahead of the
// opening PHP tag. If that mark is really in the file (and not an artifact of how the
// page was captured), it is output sent before session_start(), which can stop the
// session cookie header from being sent unless output buffering is on. Save the file
// without a BOM.
session_start();

/**
 * @author Sabine Müller
 * @copyright 2012
 */


include 'nav.inc.php';
include 'dbConn.php';

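// Emit the page header through html_head(), a helper from one of the included files.
// NOTE(review): the title reads "Passwort ändern" (change password) while the form
// below edits per-employee rights; this looks like a copy-paste leftover - confirm.
html_head('Administration - Passwort &auml;ndern');

	// Login gate: without a session username only a pointer to the login page is shown.
	if(!isset($_SESSION["username"])){
		echo("<div class='content' style='margin-left:350px'>");
		echo ("Bitte erst <a href='../login.php'>einloggen</a>.");
		// Close the container BEFORE stopping: the original placed this echo after
		// exit (so it never ran) and emitted a malformed "</div" without the ">".
		echo("</div>");
		exit;
	}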
	else{
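		// Logged-in branch: draw the navigation menu and open the content container.
		menu();
		echo("<div class='content' style='margin-left:350px'>");

		// The page is a three-step form driven by next_page:
		//   '0' = pick an employee, '1' = edit that employee's rights, '2' = store them.
		// A request without the parameter starts at step '0'.
		$next_page = isset($_REQUEST['next_page']) ? $_REQUEST['next_page'] : '0';

		// SCRIPT_NAME comes from the server environment, but it is still HTML-encoded
		// before it is placed inside the quoted action attribute so that no value can
		// ever break out of the attribute.
		$form_action = htmlspecialchars($_SERVER['SCRIPT_NAME'], ENT_QUOTES, 'UTF-8');
		echo ("<form name='main' action='".$form_action."' method='post'>\n");
		echo ("<table>\n");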
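		// Step 0: let the administrator pick the employee whose rights should be edited.
		if($next_page == '0'){
			// Only the two columns rendered below are fetched; the ordering is unchanged.
			// NOTE(review): the mysql_* extension used here was removed in PHP 7; moving
			// to mysqli or PDO requires changing the connection code in dbConn.php.
			$query = "SELECT m_id, m_lang FROM mitarbeiter ORDER BY m_name";
			$result = mysql_query($query);
			if($result === false){
				// Keep the database error in the server log instead of printing it to
				// the browser, where it would reveal schema and query details.
				error_log('Rechte-Verwaltung: '.mysql_error());
				die('Datenbankfehler');
			}
			echo("<tr>");
				echo("<td>");
					echo("<select name='mid'>");
						echo("<option value='0'>Auswahl</option>");
					while($ma = mysql_fetch_assoc($result)){
						// Database content is HTML-encoded before it is written into the
						// page, so a stored name containing markup is shown as text.
						// Assumes page and connection use UTF-8 - TODO confirm, because
						// htmlspecialchars() returns '' for input invalid in that charset.
						$option_value = htmlspecialchars($ma['m_id'], ENT_QUOTES, 'UTF-8');
						$option_label = htmlspecialchars($ma['m_lang'], ENT_QUOTES, 'UTF-8');
						echo("<option value='".$option_value."'>".$option_label."</option>");
					}
					echo("</select>");
				echo("</td>");
			echo("</tr>");
			echo("<tr>");
				echo("<td>");
					echo("<input type='submit' value='Rechte &auml;ndern'>");
					// Tells the next request to render step 1.
					echo"<input type='hidden' name='next_page' value='1' />\n";
				echo("</td>");
			echo("</tr>");
		}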
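		// Step 1: show the rights of the selected employee as Ja/Nein checkboxes.
		if($next_page == '1'){
			// Accept only a scalar, non-empty id that is not the "Auswahl" placeholder.
			if(isset($_POST['mid']) && is_string($_POST['mid']) && $_POST['mid'] !== '' && $_POST['mid'] != '0'){
				$mid = $_POST['mid'];

				// The posted id is escaped before it is embedded in the SQL string; the
				// original concatenated it unescaped, which allowed SQL injection.
				// NOTE(review): mysql_real_escape_string() depends on the connection
				// charset being set with mysql_set_charset() - verify in dbConn.php.
				// The mysql_* extension was removed in PHP 7; prepared statements via
				// mysqli/PDO are the durable fix but need changes outside this file.
				$query = "SELECT * FROM Rechte WHERE idMitarbeiter='".mysql_real_escape_string($mid)."'";
				$result = mysql_query($query);
				if($result === false){
					// Log the detail server-side; do not print database errors to the browser.
					error_log('Rechte-Verwaltung: '.mysql_error());
					die('Datenbankfehler');
				}
				// Array with the stored rights, or false when the employee has no row yet.
				$rights = mysql_fetch_assoc($result);

				// Visible label => array(form field name, column in table Rechte).
				$right_fields = array(
					'Anwesenheit' => array('anwes', 'anwesenheit'),
					'Ausleihe'    => array('ausleihe', 'ausleihe'),
					'Praktikum'   => array('prak', 'praktikum'),
					'Rezensenten' => array('rez', 'rezensenten'),
					'Stunden'     => array('std', 'stunden'),
					'Urlaub'      => array('urlaub', 'urlaub'),
				);

				// One table row per right. With a stored row the matching box is
				// pre-checked; without one both boxes stay empty, as before.
				foreach($right_fields as $label => $names){
					$yes_checked = (is_array($rights) && $rights[$names[1]] == '1') ? " checked" : "";
					$no_checked  = (is_array($rights) && $rights[$names[1]] == '0') ? " checked" : "";
					echo("<tr>");
						echo("<td>");
							echo("<b>".$label."</b>");
						echo("</td>");
						echo("<td>");
							echo("<input type='checkbox' name='".$names[0]."' value='1'".$yes_checked.">Ja");
							echo("<input type='checkbox' name='".$names[0]."' value='0'".$no_checked.">Nein");
						echo("</td>");
					echo("</tr>");
				}

				echo("<tr>");
				echo("<td>");
					echo("<input type='submit' value='Rechte speichern'>");
					// Tells the next request to run step 2 (store).
					echo("<input type='hidden' name='next_page' value='2' />\n");
					// The id is HTML-encoded before being echoed back; the original wrote
					// the raw POST value into the attribute (reflected XSS).
					echo("<input type='hidden' name='mid' value='".htmlspecialchars($mid, ENT_QUOTES, 'UTF-8')."' />\n");
				echo("</td>");
				echo("</tr>");
			}
			else{
				echo("Ungültige Auswahl");
			}
		}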
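		// Step 2: store the submitted rights for the selected employee.
		// NOTE(review): this state-changing request carries no anti-CSRF token; a
		// per-session token emitted with the form and checked here would close that gap
		// (it has to be added to the form output and to this step together).
		// NOTE(review): the only access check visible in this file is that a session
		// username exists; confirm that the included files restrict this page to
		// accounts that are allowed to change other employees' rights.
		if($next_page == '2'){
			// Same id validation as the form step: scalar, non-empty, not the placeholder.
			// The original wrote to the table even when no id had been posted.
			if(isset($_POST['mid']) && is_string($_POST['mid']) && $_POST['mid'] !== '' && $_POST['mid'] != '0'){
				// Escaped once and reused in every statement below; the original
				// concatenated the raw POST value (SQL injection).
				// NOTE(review): mysql_real_escape_string() depends on the connection
				// charset being set with mysql_set_charset() - verify in dbConn.php.
				$mid_sql = mysql_real_escape_string($_POST['mid']);

				// Each right is reduced to the literal '1' or '0'. A missing field or
				// any value other than '1' counts as '0', so no posted text reaches
				// the SQL string.
				$flags = array();
				foreach(array('anwes', 'ausleihe', 'prak', 'rez', 'std', 'urlaub') as $field){
					$flags[$field] = (isset($_POST[$field]) && $_POST[$field] === '1') ? '1' : '0';
				}

				// Update the existing row if there is one, otherwise insert a new row.
				$query = "SELECT * FROM Rechte WHERE idMitarbeiter='".$mid_sql."'";
				$result = mysql_query($query);
				if($result === false){
					// Log the detail server-side; do not print database errors to the browser.
					error_log('Rechte-Verwaltung: '.mysql_error());
					die('Datenbankfehler');
				}
				if(mysql_fetch_assoc($result)){
					$query = "UPDATE Rechte SET ausleihe='".$flags['ausleihe']."', anwesenheit='".$flags['anwes']."', praktikum='".$flags['prak']."', "
					." rezensenten='".$flags['rez']."', stunden='".$flags['std']."', urlaub='".$flags['urlaub']."'"
					." WHERE idMitarbeiter='".$mid_sql."'";
				}
				else{
					// Positional insert kept from the original: an empty first value,
					// then the employee id, then the flags in the table's column order.
					$query = "INSERT INTO Rechte VALUES('', '".$mid_sql."', '".$flags['ausleihe']."', '".$flags['anwes']."', '".$flags['prak']."', '".$flags['rez']."', '".$flags['std']."', '".$flags['urlaub']."')";
				}
				if(mysql_query($query) === false){
					error_log('Rechte-Verwaltung: '.mysql_error());
					die('Datenbankfehler');
				}
				echo("<tr>");
					echo("<td>");
						echo("<b>Rechte geändert</b>");
					echo("</td>");
				echo("</tr>");
			}
			else{
				echo("Ungültige Auswahl");
			}
		}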
		// Close the table and the form that were opened before the step handling.
		echo "</table>\n"."</form>";
	}
// Close the content <div>. Only the logged-in branch reaches this line, because the
// not-logged-in branch above ends the script with exit.
echo("</div>");
?>
